Re: Getting SCTP support ready for merging

[Gisle Vanem <gvanem () broadpark no>]

"Daniel Roethlisberger" <daniel () roe ch> wrote:

> > The '-sY' gives no open sctp ports (1-1024) scanning against
> > www.sctp.org.
> >
> > The final word from nmap-sctp is:
> >  "All 1024 scanned ports on lakerest.net (70.155.160.98) are filtered 
> >  because of 1024 no-responses".
>
> Are you sure there is no NAT or stateful firewall or something in
> your way, which drops all SCTP packets?  (Windows firewall or
> some other personal firewall?)

You're correct. It was my ADSL-box dropping the inbound sctp packets.
Fixed now.

> What is the output of:
>
> NMAPDIR=. ./nmap -v -d3 -PN -sY -p 22,80 www.sctp.org

...

Changing ping technique for 70.155.160.98 to sctp to port 22; chunk: INIT
RCVD (2.9380s) SCTP 70.155.160.98:80 > 10.0.0.6:48513 ttl=40 id=44888 iplen=596
Found 70.155.160.98 in incomplete hosts list.
Discovered open port 80/sctp on 70.155.160.98
Moving 70.155.160.98 to completed hosts list with 0 outstanding probes.
Changing global ping host to 70.155.160.98.
Completed SCTP INIT Scan at 16:07, 0.67s elapsed (2 total ports)
Overall sending rates: 2.98 packets / s, 154.76 bytes / s.
pcap stats: 4 packets received by filter, 0 dropped by kernel.
Host lakerest.net (70.155.160.98) is up, received user-set (0.17s latency).
Scanned at 2009-05-22 16:07:11 GMT for 1s
Interesting ports on lakerest.net (70.155.160.98):
PORT    STATE  SERVICE REASON
22/sctp closed ssh     abort
80/sctp open   http    init-ack
Final times for host: srtt: 172000 rttvar: 129000  to: 688000

Read from .: nmap-services.
Nmap done: 1 IP address (1 host up) scanned in 2.94 seconds
          Raw packets sent: 2 (104B) | Rcvd: 2 (122B)

--gv

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org